Cybercriminals seeking to exploit security vulnerabilities last year are unlikely to stop this year. And their unwavering attempts to find flaws in computer systems might put government agencies, businesses and consumers at risk for data breaches and other security incidents. In the race to find security flaws ahead of cybercriminals, IT researchers are paying attention to security vulnerabilities likely to trend in 2014, according to Dark Reading.
Global organizations, including federal agencies and businesses, may have security loopholes that may go unnoticed for months until a security breach or cyberattack. However, this growing problem may prompt governments to create an international Vulnerability Purchase Program to help identify cybersecurity flaws before criminals know about them.
Organizations Ramp Up Vulnerabilities Research
Dark Reading notes that the number of bounty programs have increased recently, lowering the amount of vulnerabilities reported in 2013, and this is likely to continue this year. Top tech companies, including Google and Microsoft, head commercial software bounty programs, in addition to specialist firms such as HP TippingPoint, in the effort to find flaws and patch them before cybercriminals have a chance to exploit them, CSO reports. In response to new and changing cyberthreats, Dark Ready said vulnerability researchers are likely to see their pay for finding loopholes go up in 2014.
"We are seeing a steady increase in researchers in our program, especially from the Pac-Asia region, Russia, and the United Kingdom," said Brian Gorenc, manager of vulnerability research for ZDI.
Criminals Likely to Target Popular Security Products
Cybercriminals may try to target the vulnerabilities found in major software company products, including Microsoft and Adobe. Since these software systems are used by other organizations, criminals will try to exploit vulnerabilities in security systems directly to perpetuate data breaches.
Gorenc said vulnerability researchers saw an increasing number of flaws in security products as 2013 was ending.
"If you are a valuable target, you have to assume that you are already compromised and that you will get compromised again," said Stefan Frei, director of research for security-information firm NSS Labs, according to Dark Reading.
Backdoor Access in Wireless Systems Exacerbates Vulnerabilities
After reports of the National Security Agency surfaced that indicated the agency had a backdoor to tech companies' systems, firms might also notice that their Wi-Fi routers might be at risk for being controlled remotely, according to SC Magazine. Backdoor access to Wi-Fi routers, which may have been built-in by a wireless networking equipment manufacturer, also increases the vulnerability organizations have to cyberattacks.
